From 8c2da3309f358e5e661f758a7811dd09b7e22cbc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christoph=20St=C3=A4bler?= <cstabler@redhat.com>
Date: Sun, 4 Feb 2024 12:23:31 +0100
Subject: [PATCH 1/2] Add broker OIDC e2e tests

---
 test/e2e_new/broker_test.go | 39 +++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/test/e2e_new/broker_test.go b/test/e2e_new/broker_test.go
index 9073143980..d4a9c3921b 100644
--- a/test/e2e_new/broker_test.go
+++ b/test/e2e_new/broker_test.go
@@ -25,11 +25,16 @@ import (
 
 	"knative.dev/pkg/system"
 	"knative.dev/reconciler-test/pkg/environment"
+	"knative.dev/reconciler-test/pkg/eventshub"
 	"knative.dev/reconciler-test/pkg/feature"
 	"knative.dev/reconciler-test/pkg/k8s"
 	"knative.dev/reconciler-test/pkg/knative"
 
 	"knative.dev/eventing-kafka-broker/test/rekt/features"
+	"knative.dev/eventing/test/rekt/features/broker"
+	brokereventingfeatures "knative.dev/eventing/test/rekt/features/broker"
+	"knative.dev/eventing/test/rekt/features/oidc"
+	brokerresources "knative.dev/eventing/test/rekt/resources/broker"
 )
 
 const (
@@ -229,3 +234,37 @@ func TestNamespacedBrokerNamespaceDeletion(t *testing.T) {
 	env.Test(ctx, t, features.SetupNamespacedBroker(name))
 	env.Test(ctx, t, features.CleanupNamespace(namespace))
 }
+
+func TestBrokerSupportsOIDC(t *testing.T) {
+	t.Parallel()
+
+	ctx, env := global.Environment(
+		knative.WithKnativeNamespace(system.Namespace()),
+		knative.WithLoggingConfig,
+		knative.WithTracingConfig,
+		k8s.WithEventListener,
+		environment.WithPollTimings(4*time.Second, 12*time.Minute),
+		environment.Managed(t),
+		eventshub.WithTLS(t),
+	)
+
+	name := feature.MakeRandomK8sName("broker")
+	env.Prerequisite(ctx, t, broker.GoesReady(name, brokerresources.WithEnvConfig()...))
+
+	env.TestSet(ctx, t, oidc.AddressableOIDCConformance(brokerresources.GVR(), "Broker", name, env.Namespace()))
+}
+
+func TestBrokerSendsEventsWithOIDCSupport(t *testing.T) {
+	t.Parallel()
+
+	ctx, env := global.Environment(
+		knative.WithKnativeNamespace(system.Namespace()),
+		knative.WithLoggingConfig,
+		knative.WithTracingConfig,
+		k8s.WithEventListener,
+		environment.Managed(t),
+		eventshub.WithTLS(t),
+	)
+
+	env.TestSet(ctx, t, brokereventingfeatures.BrokerSendEventWithOIDC())
+}

From 77c9089df6ca7ded1d8298874add848964bbd554 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christoph=20St=C3=A4bler?= <cstabler@redhat.com>
Date: Sat, 10 Feb 2024 12:54:00 +0100
Subject: [PATCH 2/2] Fix broker template to allow TLS & OIDC configuration on
 dead letter sink

---
 test/e2e_new/templates/kafka-broker/broker.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/test/e2e_new/templates/kafka-broker/broker.yaml b/test/e2e_new/templates/kafka-broker/broker.yaml
index 5c462829ab..37150cc4ec 100644
--- a/test/e2e_new/templates/kafka-broker/broker.yaml
+++ b/test/e2e_new/templates/kafka-broker/broker.yaml
@@ -64,6 +64,13 @@ spec:
       {{ if .delivery.deadLetterSink.uri }}
       uri: {{ .delivery.deadLetterSink.uri }}
       {{ end }}
+      {{ if .delivery.deadLetterSink.CACerts }}
+      CACerts: |-
+        {{ .delivery.deadLetterSink.CACerts }}
+      {{ end }}
+      {{ if .delivery.deadLetterSink.audience }}
+      audience: {{ .delivery.deadLetterSink.audience }}
+      {{ end }}
     {{ end }}
     {{ if .delivery.retry }}
     retry: {{ .delivery.retry}}